eap-mschapv2

Indira Keesara ikeesara at acmepacket.com
Tue Jan 15 21:58:43 CET 2008 

Here is the output
Access-request
Access-challenge
Access-request
Access-challenge


Access-Request packet from host x.x.x.x port 1812, id=2, length=69
        User-Name = "user"
        NAS-Identifier = "85"
        NAS-Port = 118751232
        EAP-Message = 0x020000090175736572
        Message-Authenticator = 0xbffe37f0d2dd6107e5d25819a10268f5
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
    rlm_realm: No '@' in User-Name = "user", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 0 length 9
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
    users: Matched entry user at line 94
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: EAP Identity
  rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 2 to 172.30.89.70 port 1812
        EAP-Message = 0x0101001e1a01010019105db375091c330e20cccb6142e519da4775736572
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xabe2000babe31ac677bcdaf79192ae6c
Finished request 0.
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Request packet from host x.x.x.x port 1812, id=3, length=141
        User-Name = "user"
        NAS-Identifier = "85"
        NAS-Port = 118751232
        EAP-Message = 0x0201003f1a0201003a31c9151130261d75a03ee29838e3669b8c0000000000000000fd2c29e77c4ef0d2bcbd892567ddfc6bf99b0f0408c4fa380075736572
        State = 0xabe2000babe31ac677bcdaf79192ae6c
        Message-Authenticator = 0xb3f9ca598decfa00b44e8ebf291e3d5d
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
    rlm_realm: No '@' in User-Name = "user", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 1 length 63
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
    users: Matched entry user at line 94
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/mschapv2
  rlm_eap: processing type mschapv2
+- entering group MS-CHAP
  rlm_mschap: Told to do MS-CHAPv2 for user with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
++[mschap] returns ok
MSCHAP Success
++[eap] returns handled
Sending Access-Challenge of id 3 to x.x.x.x port 1812
        MS-CHAP2-Success = 0x01533d46393635324645444333354242333835453533374330333833373941393735313330363134413336
        EAP-Message = 0x010200331a0301002e533d46393635324645444333354242333835453533374330333833373941393735313330363134413336
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xabe2000baae01ac677bcdaf79192ae6c
Finished request 1.






-----Original Message-----
From: freeradius-users-bounces+ikeesara=acmepacket.com at lists.freeradius.org [mailto:freeradius-users-bounces+ikeesara=acmepacket.com at lists.freeradius.org] On Behalf Of Josh Howlett
Sent: Tuesday, January 15, 2008 3:41 PM
To: FreeRadius users mailing list
Cc: Josh Howlett
Subject: RE: eap-mschapv2

Post the debug ouput (radiusd -X).

josh.

> -----Original Message-----
> From:
> freeradius-users-bounces+josh.howlett=ja.net at lists.freeradius.
> org
> [mailto:freeradius-users-bounces+josh.howlett=ja.net at lists.fre
eradius.org] On Behalf Of Indira Keesara
> Sent: 15 January 2008 20:36
> To: freeradius-users at lists.freeradius.org
> Subject: eap-mschapv2
>
> I am using freeradius to test the eap-mschapv2.
>
> According to specs
>
>     To the access-challenge reply radius should sent a
> access-success with the mppe keys.
>
>     But what I see is to the reply radius is sending the
> access-challenge request again with mschap-success similar to the
>
> Eap-tls.
>
>
>
> I am not sure if I missed any configuration.
>
>

JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list